r 



Page 2 of 10 



D 


1 
1 


IT IN — Dt\ 


-?o ±u ± 










t-> o o 

E2o 


1 


r IN— dK 


QQ 1 O, QQO 


E^y 




DM — DD 


y 0 iu y y ** 


E3U 


1 




qq i OQQ^ 


E 31 


1 


DM— RD 

r vi— on. 




E3<£ 


1 


FN— dK 


QQI H Q Q*7 

y 0 iu y y / 


E Jo 


1 


DM DD 


QQI n QQQ 

y 0 iu yy 0 


E34 


1 


DM DD 


QQI A QQQ 

y 0 iuy y y 


roc 

E3o 


1 


DM— DD 

FN— rSK 


qqi i nnn 
yo 1 iuuu 


E36 


-1 
1 


OKI DD 


qqi 1 nm 

yo 1 J-Uui 


E37 


1 


FIN— dK 


qq i 1 nno 
yo 1 iUUz 


r-i o O 

E38 


1 


DM D D 

FN— BK 


QQ 1 1 c\r\ A 
yoll UU4 


E39 


1 


DM DD 


QQI 1 Pin c: 


E40 


1 


DM T> T> 

FN— BK 


qqi t nnc 

yy nuuo 


E41 


1 


PN=BR 


no 1 1 f\f\1 


E42 


1 


PN=BR 


9oll00o 


E43 


1 
1 


PN—BR 


yoiiuuy 


E4 4 


1 


PN=BR 


yoiiuiu 


E45 


1 


PN=BR 


9811011 


E46 


1 


PN-BR 


9811012 


E47 


1 


PN=BR 


9811013 


E48 


1 


PN=BR 


9811014 


E49 


1 


PN=BR 


9811015 


E50 


1 


PN=BR 


9811016 



Enter P or PAGE for more 
?se3 

SI 1 PN='BR 9810967' 



? 1 1/7/1 

1/7/1 

DIALOG(R)File 351 : Derwent WPI 

(c) 2008 The Thomson Corporation. All rights reserved. 



0009253575 Drawing available 
WPIAccno: 1999-181268/199915 

Related WPI AccNo: 1996-465320; 1997-363998; 1998-363180; 1999-154174; 1999-154175; 
1999-154176; 1999-154177; 1999-154178; 1999-154179; 1999-243551; 2002-060946; 2002- 
499082; 2002-705909; 2002-722051; 2002-722052; 2003-677663; 2003-898213; 2004-155029; 
2004-478232; 2004-579235; 2004-623798; 2005-809338; 2007-015228 
XRPX Acc No: N 1 999- 1 33079 

method for decrypting an instance of service that has been decrypted with short-term key 

Patent Assignee: SCIENTIFIC-ATLANTA INC (SCAT) 

Inventor: AKINS G L; PALGON M S; PINDER H G; WASILEWSKI A J; AKJNS G 

Patent Family ( 8 patents, 79 countries ) 

Patent Number Kind Date Application Number Kind Date Update Type 1 
WO 1999009743 A2 19990225 WO 1998US 16079 A 19980731 199915 B J 



http://www.dialogclassic.com/mainframe.html 



1/16/2008 



Page 3 of 10 



AU 199915816 


: A 

j:A 


19990308 AU 199915816 


jjA 


l 998073 I l 99929 E 


br 100051 1 


\A2 


;?20000517;jEP 1998960147 


!|A 


: 1 998073 1 200028 E 






At 7/~\ 1 AAOT TO 1 /'AHA 

iWO 1998US16079 


:;A 


;1 9980731 


dK 199olU9o/ 


\- A 
ijA 


:i, )AAl 1 AlHlJDD 1 AAO 1 AA^T 

20011030 BR 199810967 


A 


lh fiAOAT5 1 ; O AA1 T> 

: 1 9980/31 2001 7^ h 






-AITV^ 1 AfiOT TO 1 /CA*7A 

;WU 199oUo 16079 


A 


il 19980/31; 


^"CT> 1 AA AC 1 1 

EP 1000511 


! Bl 


■^AA 1 111 y*--T»T» 1 AAOA/"A1 il T 

200HH4 EP 1998960147 


; A 


1 1 998073 1 200 1 75 E 






iWO 1998US 16079 


A 


19980731 


DE 69802540 


... 

j;E 


2001 1220 DE 69802540 


,A_ 


19980731 200207 E 






7"T™>Tv i AAOAZ"A1 >l *T 

;EP 1998960147 


■ A 

;A 


h 19980731; 


[ 




|WO 1998US 16079 


I:a 


! 19980731! 


ijjr zUUiDzlo/O 


W 


jizOOJO/lD^WU 1998US16079 


:- A 

A 


i i 1 998073 1 20U34 7 j E 


i 
i 




[JP 2000510276 


A 


|19980731 


JP 2005253109 


jjA 


20050915 JP 2000510276 


jA 


19980731 200560; E 


r 




jJP 2005120425 




"]|20b50418: 



Priority Applications (no., kind, date): US 199754575 P 19970801; US 1998126921 A 19980731 

Patent Details 



Patent Number 



WO 1999009743 

National Designated 
;jStates,Original 



jRegional Designated 
States,Original 

| AU 199915816 

HEP 1000511 



jjRegional Designated 
States,Onginal 

BR 199810967 



EP 1000511 



; jRegional Designated 
States,Onginal 

! IDE 69802540 



Kind Lan Pgs Draw 



FUingNote^ 



A2 IjEN 111 1311 29! 



AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE 
IDK EE ES FI GB GE GH GM HR HU ID IL IS JP KE KG KP 

! ;kr kz lc lk lr ls lt lu lv md mg mk MN MW MX 

iiNO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA 
iUGUZVNYUZW 



AT BE CH CY DE DK EA ES FI FR GB GH GM GR IE IT KE 
LS LU MC MW NL OA PT SD SE SZUG ZW 

1a2 iiEN"; 



Based on OPI patent WO 1999009743 ; 
PCT Application WO 1998US16079 



Based on OPI patent WO 1 999009743 



i DE FR GB IT NL 



A PT 



Bl EN 



PCT Application WO 1998US 16079 

•Based on OPI patent WO 1999009743 < 

PCT Application WO 1 998US1 6079 

Based on OPI patent WO 1999009743 ]j 



jiDE FR GB IT NL 

m ;;DE 1 



Application 
1PCT Application 
;Based on OPI patent 



IsEP 1998960147 



WO 1998US 16079 
EP 1000511 



http://www.dialogclassic.com/mainframe.html 



1/16/2008 



Page 4 of 10 

jBased on OPI patent j|vra§^l 
j pas^OT OPI patent ^ jr^ l^^O^^B jj 

jjjp^s^i^j |jA !ja_1_59{ $>}y^^ !! 

Alerting Abstract WO A2 

NOVELTY - The method involves receiving a second message in a receiver together with the 
instance of the service. The second message includes a key derivation value that is used with a 
long-term key to obtain the short-term key to decrypt the instance of the service. 
DESCRIPTION - A control word is combined into an encrypted coded message (ECM) (107) with 
other service-related information. The ECM (107) is authenticated by Control Word Encrypt & 
Message Authenticate function (204) which produces a message authentication code using a keyed- 
hash value derived from the message content combined with a secret which can be shared with the 
receiving set-top box (113). This secret is preferably part or all of a multisession key (MSS) (208). 
The message authentication code is appended to the rest of the ECM (107). The CAW (202) is 
always encrypted before being sent along with the other parts of the ECM to MX (200). This 
encryption is preferably a symmetric cipher such as the Triple-DES algorithm using two distinct 
56-bit keys (which taken together comprise MSS (208). 

USE - The invention concerns systems for protecting information and more particularly concerns 
systems for protecting information that is transmitted by a wired or wireless medium against 
unauthorized access. 

ADVANTAGE - The service distribution organizations require access restrictions which are both 
more secure and more flexible than those in conventional systems 

DESCRIPTION OF DRAWINGS - The drawing is a block diagram of service instance encryption 
techniques. 
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204 Control Word Encrypt & Message Authenticate function 
200 MX 
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A cable television system provides conditional access to services. The cable television system 
includes a headend from which service "instances", or programs, are broadcast and a plurality of set 
top units for receiving the instances and selectively decrypting the instances for display to system 
subscribers. The service instances are encrypted using public and/or private keys provided by 
service providers or central authorization agents. Keys used by the set tops for selective decryption 
may also be public or private in nature, and such keys may be reassigned at different times to 
provide a cable television system in which piracy concerns are minimized. 

Publication No. EP 100051 1 Bl (Update 200175 E) 
Publication Date: 2001 1114 
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Original IPC: H04N-7/1 67(A) 
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(R,I,M,JP,20060101 ,2005 1220,C,L) 
Claim: 

1 . Verfahren der Entschlusselung einer Diensteeinheit (325), die mit einem gegebenen 

Kurzzeitschlussel (319) verschlusselt wurde, wobei das Verfahren in einem Empfanger (333) 
ausgefuhrt wird, der ein Offentlich/Privat-Schlusselpaar besitzt, und das Verfahren durch die 
folgenden Schritte gekennzeichnet ist: 

o im Empfanger eine erste Nachricht (3 15) zu empfangen, deren Inhalt einen ersten 
Langzeitschlussel (309) einschliesst und unter Verwendung des offentlichen Schlussels 
(312) fiir den Empfanger (333) verschlusselt wurde; 
o den privaten Schlussel (337) zur Entschlusselung des Inhalts zu verwenden; 
o den ersten Schlussel (309) zu speichern; 

o im Empfanger (333) zusammen mit der verschlusselten Diensteeinheit (329) eine 
zweite Nachricht (323) zu empfangen, wobei die zweite Nachricht (323) einen 
Indikator fur einen zweiten Kurzzeitschlussel (3 1 9) einschliesst; 

o den Indikator und den ersten Schlussel (309) zu benutzen, um den zweiten Schlussel zu 
erhalten; worin der zweite Schlussel dem gegebenen Schlussel (3 19), mit dem der 
Dienst verschlusselt wurde, gleichwertig ist, und 

o den zweiten Schlussel zur Entschlusselung der empfangenen Diensteeinheit zu 
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verwenden. 



1 . A method of decrypting an instance of a service (325) that has been encrypted with a given 
short-term key (319), the method being carried out in a receiver (333) that has a public key- 
private key pair and the method being characterised by the following steps: 

o receiving a first message (3 1 5) in the receiver whose contents include a first long-term 
key (309), the contents having been encrypted using the public key (312) for the 
receiver (333); 
o using the private key (337) to decrypt the contents; 
o storing the first key (309); 

o receiving a second message (323) in the receiver (333) together with the encrypted 
instance of the service (329), the second message (323) including an indicator for a 
second short-term key (319); 

o using the indicator an the first key (309) to obtain the second key; wherein the second 
key is equivalent to the given key (3 19) that encrypted the service, and 

o using the second key to decrypt the received instance of the service. 



1 . Procede de decryptage d'une instance d ? un service (326) qui etait cryptee avec une cle a court 
terme donnee (3 1 9), le procede etant execute dans un recepteur (333) qui comporte une paire 
de cle publique-cle privee et le procede etant caracterise par les etapes suivantes: 

o recevoir un premier message (3 1 5) dans le recepteur dont le contenu comprend une 
premiere cle a long terme (309), le contenu ayant ete crypte en utilisant la cle publique 
(312) pour le recepteur (333), 
o utiiiser la cle privee (337) pour decrypter le contenu, 
o memoriser la premiere cle (309), 

o recevoir un second message (323) dans le recepteur (333) en meme temps que 

Tinstance cryptee du service (329), le second message (323) comprenant un indicateur 
pour une seconde cle a court terme (3 19), 
o utiiiser l'indicateur et la premiere cle (309) pour obtenir la seconde cle, dans lequel 
o la seconde cle est equivalente a la cle donnee (319) qui a crypte le service, et 
o utiiiser la seconde cle pour decrypter Tinstance recue du service. 
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(R,I,M,JP,200601 01 ,2005 1 220,C,L) H04L-9/08(RJ,M 5 JP,20060101 ,2005 1 220,A,L) H04L-9/08 
(R,I,M,JP,200601 0 1 ,200603 1 0,C,F) H04N-5/00(R,I,M,EP,20060 1 0 1 ,2005 1 008, A) H04N-5/00 
(RJ,M,EP,20060101,20051008,C) H04N-7/16(R,I,M,EP,20060101,20051008,A) H04N-7/16 
(R,I,M,EP,20060101,20051008,C) H04N-7/167(R,I,M,EP,2006010 1,2005 1008, A) H04N-7/167 
(R,I,M,EP,20060101,20051008,C) H04N-7/173(R,I,M,JP,20060101,20051220, A,F) H04N-7/173 
(R,I,M,JP,20060101 ,20051220,C,L) 
Original Abstract: 

A cable television system provides conditional access to services. The cable television system 
includes a headend from which service "instances", or programs, are broadcast and a plurality of set 
top units for receiving the instances and selectively decrypting the instances for display to system 
subscribers. The service instances are encrypted using public and/or private keys provided by 
service providers or central authorization agents. Keys used by the set tops for selective decryption 
may also be public or private in nature, and such keys may be reassigned at different times to 
provide a cable television system in which piracy concerns are minimized. 

Un reseau de television par cable assure un acces conditionnel a des services. Le reseau de 
television par cable comprend une tete de reseau a partir de laquelle on diffuse les "instances" de 
service ou programmes. Ce reseau comprend aussi une pluralite d'unites decodeurs concues pour 
recevoir les instances et dechiflfrer selectivement les instances qui vont s'afficher pour les abonnes 
du reseau. Les instances de service sont chiflrees par des cles publiques et/ou privees fournies par 
des fournisseurs de service ou des agents d'autorisation centraux.Les cles utilisees par les decodeurs 
permettant un dechiffrement selectif peuvent aussi etre publiques ou privees et de telles cles 
peuvent etre reaffectees a differents moments pour assurer un reseau de television par cable dans 
lequel les risques de piratage sont minimises. 
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